35216a3af78a1761c3ee6ac1281d8758677ced034e1b68038bccf3ba3ac96bd7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

35216a3af78a1761c3ee6ac1281d8758677ced034e1b68038bccf3ba3ac96bd7
Size

200KB
Sample

221202-vd8bpsah2t
MD5

0e8889ceb104b9e2ebe2dc58a0300fc0
SHA1

4c8fdaa0ef3dd34e6e5080c1be5c7af43e1d20dc
SHA256

35216a3af78a1761c3ee6ac1281d8758677ced034e1b68038bccf3ba3ac96bd7
SHA512

7be17408e90134e5536ce7592156fb247c26cc434b10fc9814042f2f1f4aa96f5f0ceb419f7077f579109f77a577c9b01826d8299d0da2afea418b441f790e23
SSDEEP

3072:zmIicnC3y4CpCfCGCCOCwC9CvCFCfCLCvCUCLC2FInROUSRSGSuSQSmSNS4SQSsG:riR3yGFInRO

Score

8^/10

Malware Config

Targets

- Target
  
  35216a3af78a1761c3ee6ac1281d8758677ced034e1b68038bccf3ba3ac96bd7
- Size
  
  200KB
- MD5
  
  0e8889ceb104b9e2ebe2dc58a0300fc0
- SHA1
  
  4c8fdaa0ef3dd34e6e5080c1be5c7af43e1d20dc
- SHA256
  
  35216a3af78a1761c3ee6ac1281d8758677ced034e1b68038bccf3ba3ac96bd7
- SHA512
  
  7be17408e90134e5536ce7592156fb247c26cc434b10fc9814042f2f1f4aa96f5f0ceb419f7077f579109f77a577c9b01826d8299d0da2afea418b441f790e23
- SSDEEP
  
  3072:zmIicnC3y4CpCfCGCCOCwC9CvCFCfCLCvCUCLC2FInROUSRSGSuSQSmSNS4SQSsG:riR3yGFInRO
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2